We Must Design Every System for Privacy
If we don’t want a total surveillance society, we must consider surveillance a kind of social pollution, and limit the surveillance impact of each new digital system just as we limit the environmental impact of physical construction.
For example: “Smart” meters for electricity are touted for sending the power company moment-by-moment data about each customer’s electric usage, including how usage compares with users in general. This is implemented based on general surveillance, but does not require any surveillance. It would be easy for the power company to calculate the average usage in a residential neighborhood by dividing the total usage by the number of subscribers, and send that to the meters. Each customer’s meter could compare her usage, over any desired period of time, with the average usage pattern for that period. The same benefit, with no surveillance!
We need to design such privacy into all our digital systems.